oidc

package
v0.2.5
Warning

This package is not in the latest version of its module.

Published: Oct 11, 2021 License: Apache-2.0 Imports: 18 Imported by: 2

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsAuthorizationError

func IsAuthorizationError(err error) bool

IsAuthorizationError asserts authorizationError.

func IsRefreshError

func IsRefreshError(err error) bool

IsRefreshError asserts refreshError.

func IsTokenInvalidError

func IsTokenInvalidError(err error) bool

IsTokenInvalidError asserts tokenInvalidError.

func IsTokenIssuedAtError

func IsTokenIssuedAtError(err error) bool

IsTokenIssuedAtError asserts tokenIssuedAtError.

Types

type CallbackResult

type CallbackResult struct {
	Interface interface{}
	Error     error
}

CallbackResult is used by our channel to store callback results.

type IDToken

type IDToken struct {
	// Email claim.
	Email string
}

IDToken is our custom representation of the details of a JWT we care about.

func ParseIDToken

func ParseIDToken(tokenString string) (token *IDToken, err error)

ParseIDToken takes a JWT and returns an IDToken, which is just a custom struct with only the email claim in it, since that is all that gsctl cares about for now.

type JSONWebKeys

type JSONWebKeys struct {
	Kty string   `json:"kty"`
	Kid string   `json:"kid"`
	Use string   `json:"use"`
	N   string   `json:"n"`
	E   string   `json:"e"`
	X5c []string `json:"x5c"`
}

JSONWebKeys represents one JWS web key.

type Jwks

type Jwks struct {
	Keys []JSONWebKeys `json:"keys"`
}

Jwks holds JSON web keys.

type PKCEResponse

type PKCEResponse struct {
	AccessToken      string `json:"access_token"`
	ExpiresIn        int    `json:"expires_in"`
	IDToken          string `json:"id_token"`
	Scope            string `json:"scope"`
	TokenType        string `json:"token_type"`
	RefreshToken     string `json:"refresh_token"`
	Error            string `json:"error"`
	ErrorDescription string `json:"error_description"`
}

PKCEResponse represents the result we get from the PKCE flow.

func RunPKCE

func RunPKCE(audience string) (PKCEResponse, error)

RunPKCE starts the Authorization Code Grant Flow with PKCE. It does roughly the following steps:

1. Craft the authorization URL and open the user's browser.
2. Start a callback server to wait for the redirect with the code.
3. Exchange the code for an access token and ID token.
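The client-side values that steps 1 and 2 depend on, as an added example that is not gsctl's own code: it generates the PKCE code verifier, derives the S256 challenge per RFC 7636, builds the authorization URL, and checks the `state` returned on the callback. All function names, the endpoint, client ID, redirect URI and scope are assumptions; the `audience` query parameter is assumed from the page's reference to Auth0.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"net/url"
)

// randomURLSafe returns n bytes from the OS CSPRNG, base64url-encoded without padding.
func randomURLSafe(n int) string {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // there is no safe fallback for a failed CSPRNG read
	}
	return base64.RawURLEncoding.EncodeToString(b)
}

// challengeS256 derives code_challenge = BASE64URL(SHA256(code_verifier)), RFC 7636 section 4.2.
func challengeS256(verifier string) string {
	sum := sha256.Sum256([]byte(verifier))
	return base64.RawURLEncoding.EncodeToString(sum[:])
}

// authorizationURL builds the step 1 URL; the verifier itself never appears in it.
func authorizationURL(endpoint, clientID, redirectURI, audience, state, challenge string) string {
	q := url.Values{
		"response_type": {"code"}, "client_id": {clientID}, "redirect_uri": {redirectURI},
		"audience": {audience}, "scope": {"openid email offline_access"}, "state": {state},
		"code_challenge": {challenge}, "code_challenge_method": {"S256"},
	}
	return endpoint + "?" + q.Encode()
}

// stateMatches is the step 2 check: drop any callback whose state is not the one we sent.
func stateMatches(sent, received string) bool {
	return subtle.ConstantTimeCompare([]byte(sent), []byte(received)) == 1
}

func main() {
	verifier, state := randomURLSafe(32), randomURLSafe(16) // 32 bytes -> 43 chars, the RFC minimum
	// Constructed placeholder values, not gsctl's real endpoint, client ID or port.
	fmt.Println(authorizationURL("https://idp.example/authorize", "CLIENT_ID_PLACEHOLDER",
		"http://localhost:8085/callback", "https://api.example/", state, challengeS256(verifier)))
	fmt.Println("callback state accepted:", stateMatches(state, state))
}
```

The verifier stays in process memory and is sent only in the step 3 token request, so an authorization code intercepted on the loopback redirect cannot be redeemed without it.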

type RefreshRequest

type RefreshRequest struct {
	ClientID     string `json:"client_id"`
	ClientSecret string `json:"client_secret"`
	GrantType    string `json:"grant_type"`
	RefreshToken string `json:"refresh_token"`
}

RefreshRequest represents the request that the token refresh endpoint expects in the JSON body. It gets marshalled to JSON.

type RefreshResponse

type RefreshResponse struct {
	AccessToken      string `json:"access_token"`
	ExpiresIn        int    `json:"expires_in"`
	IDToken          string `json:"id_token"`
	Scope            string `json:"scope"`
	TokenType        string `json:"token_type"`
	Error            string `json:"error"`
	ErrorDescription string `json:"error_description"`
}

RefreshResponse represents the result we get when we use a refresh token to get a new access token.

func RefreshToken

func RefreshToken(refreshToken string) (refreshResponse RefreshResponse, err error)

RefreshToken performs a POST call to the Auth0 token endpoint with a refresh token and returns a RefreshResponse, which includes a new access token.
